Grace Solutions - Client security update 
 
 
Welcome back - Issue 2
This fortnight, we've once again scoured the latest IT flags and warnings, to translate the tech, distil what you need to know and give you the low down on why they matter.   
 

What it means 

GitHub is investigating a breach of its internal repositories after the 'TeamPCP' hacker group claimed to have accessed the private company code stores of  approximately 4,000 organisations. 

Why it matters

Many software vendors use GitHub to manage their code, but since it’s takeover by Microsoft, in 2018, it's been plagued by downtime and issues.

This attack used a popular Microsoft development platform called VSCode and a malicious plugin, to gain access.

It's an important reminder never to install plugins without being 100% sure of their origin. 
 

 

What it means 

Two former executives of a call-tracking and analytics company pleaded guilty to concealing a year-long tech support fraud scheme that victimised individuals worldwide. 
Why it matters

This is one of the first times companies have been held accountable for who or what their services have been used for. It also demonstrates that cyber criminals are not afraid to adulterate providers' services.  
 

 

What it means 

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS. The vulnerabilities could have enabled remote attackers to gain access. 
Why it matters

UniFi is widely used for client networking. Whilst this reveals the product is not perfect, it's reassuring to see the makers react fast to fix issues. There are no local reports of this being exploited, but we will be rolling out the updates quickly. 
 

 

What it means 

Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years. More than $2.2 billion of the transactions were in 2025 alone. 
Why it matters
We care because - love or hate apple – they are definitely putting the client first before profit. They're reported to be developing AI models in attempts to predict fraudulent users, which is a great example of using AI for good. 
 

 

What it means 

Last week, Microsoft began rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. Hackers get far greater access if they use the very software you think is protecting you.
Why it matters

Even software designed to keep us safe is not immune to flaws - and it's the second month in a row that imperfections have been discovered in Microsoft Defender.

The industry is  seeing a lot of attacks on security software right now, and we think it's going to get worse! 
 

 

What it means 

Working in cybersecurity, we are well aware of the playbook that ransomware operators use. Stolen credentials, established persistence, network recon, pivoting to a high-value target cash out. These techniques are well documented and we have established protocols to kill their attempts.

What none of us have been exposed to, is that same playbook being used in a more real-world setting. 

Why it matters

This demonstrates a worrying trend, moving Cybercrime into “real” life. These attackers are using the same methods, but instead of targeting data for theft or encryption, they're using it to reroute and steal cargo. If the practice spreads, it could wreak havoc in the supply chains for nearly everything!
With attackers becoming ever-more creative,  it's imperative we take our security more seriously than ever. 
 

Want to share the bulletin?
If you'd like to share the security updates with friends and colleagues, there's no need to forward them - just pass on a link.

With the updates already proving popular, we've broadened the access, so that even more clients (and those who aren't) can benefit from our security insights.
 
Just pass on the link: Security updates
 
 
 
 

Future Business Centre, Kings Hedges Road, Cambridge, CB4 2HY, UK. 

 

Grace Solutions is a limited company registered in England and Wales.

 

Company No. 06463651.

VAT No. 108 196 024